Import the certificate if the user accepts it.

2001-10-02  Jeffrey Stedfast  <fejj@ximian.com>

	* camel-tcp-stream-ssl.c (ssl_bad_cert): Import the certificate if
	the user accepts it.

svn path=/trunk/; revision=13363

1 files changed, 8 insertions, 18 deletions

diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index c5d1766ca8..83a468b281 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -375,29 +375,19 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd)
 	g_free (prompt);
 	
 	if (accept) {
-#if 0
-		/* this code would work, except guess what? mozilla
-                   again changed api - these are all deprecated
-                   functions again. */
-		CERTCertificate *temp;
-		CERTCertTrust *trust;
-		PK11SlotInfo *slot;
-		char *nickname;
-		
-		nickname = CERT_MakeCANickname (cert);
+		SECItem *certs[1];
+		SECStatus ret;
 		
-		slot = PK11_GetInternalKeySlot ();
+		if (!cert->trust)
+			cert->trust = PORT_ZAlloc (sizeof (CERTCertTrust));
 		
-		trust = PORT_ZAlloc (sizeof (CERTCertTrust));
-		trust->sslFlags = CERTDB_TRUSTED_CA | CERTDB_VALID_CA;
+		cert->trust->sslFlags = CERTDB_VALID_PEER | CERTDB_TRUSTED;
 		
-		temp = CERT_NewTempCertificate (CERT_GetDefaultCertDB (), &cert->derCert, NULL, PR_FALSE, PR_TRUE);
+		certs[0] = &cert->derCert;
 		
-		CERT_AddTempCertToPerm (temp, nickname, trust);
+		CERT_ImportCerts (CERT_GetDefaultCertDB (), certUsageSSLServer, 1, certs,
+				  NULL, TRUE, FALSE, cert->nickname);
 		
-		CERT_DestroyCertificate (temp);
-		PORT_Free (nickname);
-#endif		
 		return SECSuccess;
 	}